Revision 3a3c5ab3d6988afdcd63f3fc8e33d157ca1d9c67 authored by Linus Torvalds on 04 June 2021, 16:30:23 UTC, committed by Linus Torvalds on 04 June 2021, 16:30:23 UTC
Pull drm fixes from Dave Airlie: "Two big regression reverts in here, one for fbdev and one i915. Otherwise it's mostly amdgpu display fixes, and tegra fixes. fb: - revert broken fb_defio patch amdgpu: - Display fixes - FRU EEPROM error handling fix - RAS fix - PSP fix - Releasing pinned BO fix i915: - Revert conversion to io_mapping_map_user() which lead to BUG_ON() - Fix check for error valued returns in a selftest tegra: - SOR power domain race condition fix - build warning fix - runtime pm ref leak fix - modifier fix" * tag 'drm-fixes-2021-06-04-1' of git://anongit.freedesktop.org/drm/drm: amd/display: convert DRM_DEBUG_ATOMIC to drm_dbg_atomic drm/amdgpu: make sure we unpin the UVD BO drm/amd/amdgpu:save psp ring wptr to avoid attack drm/amd/display: Fix potential memory leak in DMUB hw_init drm/amdgpu: Don't query CE and UE errors drm/amd/display: Fix overlay validation by considering cursors drm/amdgpu: refine amdgpu_fru_get_product_info drm/amdgpu: add judgement for dc support drm/amd/display: Fix GPU scaling regression by FS video support drm/amd/display: Allow bandwidth validation for 0 streams. Revert "i915: use io_mapping_map_user" drm/i915/selftests: Fix return value check in live_breadcrumbs_smoketest() Revert "fb_defio: Remove custom address_space_operations" drm/tegra: Correct DRM_FORMAT_MOD_NVIDIA_SECTOR_LAYOUT drm/tegra: sor: Fix AUX device reference leak drm/tegra: Get ref for DP AUX channel, not its ddc adapter drm/tegra: Fix shift overflow in tegra_shared_plane_atomic_update drm/tegra: sor: Fully initialize SOR before registration gpu: host1x: Split up client initalization and registration drm/tegra: sor: Do not leak runtime PM reference
kernel_read_file.c
// SPDX-License-Identifier: GPL-2.0-only
#include <linux/fs.h>
#include <linux/fs_struct.h>
#include <linux/kernel_read_file.h>
#include <linux/security.h>
#include <linux/vmalloc.h>
/**
* kernel_read_file() - read file contents into a kernel buffer
*
* @file file to read from
* @offset where to start reading from (see below).
* @buf pointer to a "void *" buffer for reading into (if
* *@buf is NULL, a buffer will be allocated, and
* @buf_size will be ignored)
* @buf_size size of buf, if already allocated. If @buf not
* allocated, this is the largest size to allocate.
* @file_size if non-NULL, the full size of @file will be
* written here.
* @id the kernel_read_file_id identifying the type of
* file contents being read (for LSMs to examine)
*
* @offset must be 0 unless both @buf and @file_size are non-NULL
* (i.e. the caller must be expecting to read partial file contents
* via an already-allocated @buf, in at most @buf_size chunks, and
* will be able to determine when the entire file was read by
* checking @file_size). This isn't a recommended way to read a
* file, though, since it is possible that the contents might
* change between calls to kernel_read_file().
*
* Returns number of bytes read (no single read will be bigger
* than INT_MAX), or negative on error.
*
*/
int kernel_read_file(struct file *file, loff_t offset, void **buf,
size_t buf_size, size_t *file_size,
enum kernel_read_file_id id)
{
loff_t i_size, pos;
size_t copied;
void *allocated = NULL;
bool whole_file;
int ret;
if (offset != 0 && (!*buf || !file_size))
return -EINVAL;
if (!S_ISREG(file_inode(file)->i_mode))
return -EINVAL;
ret = deny_write_access(file);
if (ret)
return ret;
i_size = i_size_read(file_inode(file));
if (i_size <= 0) {
ret = -EINVAL;
goto out;
}
/* The file is too big for sane activities. */
if (i_size > INT_MAX) {
ret = -EFBIG;
goto out;
}
/* The entire file cannot be read in one buffer. */
if (!file_size && offset == 0 && i_size > buf_size) {
ret = -EFBIG;
goto out;
}
whole_file = (offset == 0 && i_size <= buf_size);
ret = security_kernel_read_file(file, id, whole_file);
if (ret)
goto out;
if (file_size)
*file_size = i_size;
if (!*buf)
*buf = allocated = vmalloc(i_size);
if (!*buf) {
ret = -ENOMEM;
goto out;
}
pos = offset;
copied = 0;
while (copied < buf_size) {
ssize_t bytes;
size_t wanted = min_t(size_t, buf_size - copied,
i_size - pos);
bytes = kernel_read(file, *buf + copied, wanted, &pos);
if (bytes < 0) {
ret = bytes;
goto out_free;
}
if (bytes == 0)
break;
copied += bytes;
}
if (whole_file) {
if (pos != i_size) {
ret = -EIO;
goto out_free;
}
ret = security_kernel_post_read_file(file, *buf, i_size, id);
}
out_free:
if (ret < 0) {
if (allocated) {
vfree(*buf);
*buf = NULL;
}
}
out:
allow_write_access(file);
return ret == 0 ? copied : ret;
}
EXPORT_SYMBOL_GPL(kernel_read_file);
int kernel_read_file_from_path(const char *path, loff_t offset, void **buf,
size_t buf_size, size_t *file_size,
enum kernel_read_file_id id)
{
struct file *file;
int ret;
if (!path || !*path)
return -EINVAL;
file = filp_open(path, O_RDONLY, 0);
if (IS_ERR(file))
return PTR_ERR(file);
ret = kernel_read_file(file, offset, buf, buf_size, file_size, id);
fput(file);
return ret;
}
EXPORT_SYMBOL_GPL(kernel_read_file_from_path);
int kernel_read_file_from_path_initns(const char *path, loff_t offset,
void **buf, size_t buf_size,
size_t *file_size,
enum kernel_read_file_id id)
{
struct file *file;
struct path root;
int ret;
if (!path || !*path)
return -EINVAL;
task_lock(&init_task);
get_fs_root(init_task.fs, &root);
task_unlock(&init_task);
file = file_open_root(root.dentry, root.mnt, path, O_RDONLY, 0);
path_put(&root);
if (IS_ERR(file))
return PTR_ERR(file);
ret = kernel_read_file(file, offset, buf, buf_size, file_size, id);
fput(file);
return ret;
}
EXPORT_SYMBOL_GPL(kernel_read_file_from_path_initns);
int kernel_read_file_from_fd(int fd, loff_t offset, void **buf,
size_t buf_size, size_t *file_size,
enum kernel_read_file_id id)
{
struct fd f = fdget(fd);
int ret = -EBADF;
if (!f.file)
goto out;
ret = kernel_read_file(f.file, offset, buf, buf_size, file_size, id);
out:
fdput(f);
return ret;
}
EXPORT_SYMBOL_GPL(kernel_read_file_from_fd);
Computing file changes ...